@redocly/openapi-core 1.0.0-beta.109 → 1.0.0-beta.111

package/lib/rules/common/assertions/asserts.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.asserts = exports.runOnValuesSet = exports.runOnKeysSet = void 0;
+exports.buildAssertCustomFunction = exports.asserts = exports.runOnValuesSet = exports.runOnKeysSet = void 0;
 const utils_1 = require("../../../utils");
 const utils_2 = require("./utils");
 exports.runOnKeysSet = new Set([
@@ -32,145 +32,185 @@ exports.runOnValuesSet = new Set([
 exports.asserts = {
     pattern: (value, condition, baseLocation) => {
         if (typeof value === 'undefined')
-            return { isValid: true }; // property doesn't exist, no need to lint it with this assert
+            return []; // property doesn't exist, no need to lint it with this assert
         const values = utils_1.isString(value) ? [value] : value;
         const regx = utils_2.regexFromString(condition);
-        for (const _val of values) {
-            if (!(regx === null || regx === void 0 ? void 0 : regx.test(_val))) {
-                return { isValid: false, location: utils_1.isString(value) ? baseLocation : baseLocation.key() };
-            }
-        }
-        return { isValid: true };
+        return values
+            .map((_val) => !(regx === null || regx === void 0 ? void 0 : regx.test(_val)) && {
+            message: `"${_val}" should match a regex ${condition}`,
+            location: utils_1.isString(value) ? baseLocation : baseLocation.key(),
+        })
+            .filter(utils_1.isTruthy);
     },
     enum: (value, condition, baseLocation) => {
         if (typeof value === 'undefined')
-            return { isValid: true }; // property doesn't exist, no need to lint it with this assert
+            return []; // property doesn't exist, no need to lint it with this assert
         const values = utils_1.isString(value) ? [value] : value;
-        for (const _val of values) {
-            if (!condition.includes(_val)) {
-                return {
-                    isValid: false,
-                    location: utils_1.isString(value) ? baseLocation : baseLocation.child(_val).key(),
-                };
-            }
-        }
-        return { isValid: true };
+        return values
+            .map((_val) => !condition.includes(_val) && {
+            message: `"${_val}" should be one of the predefined values`,
+            location: utils_1.isString(value) ? baseLocation : baseLocation.child(_val).key(),
+        })
+            .filter(utils_1.isTruthy);
     },
     defined: (value, condition = true, baseLocation) => {
         const isDefined = typeof value !== 'undefined';
-        return { isValid: condition ? isDefined : !isDefined, location: baseLocation };
+        const isValid = condition ? isDefined : !isDefined;
+        return isValid
+            ? []
+            : [
+                {
+                    message: condition ? `Should be defined` : 'Should be not defined',
+                    location: baseLocation,
+                },
+            ];
     },
     required: (value, keys, baseLocation) => {
-        for (const requiredKey of keys) {
-            if (!value.includes(requiredKey)) {
-                return { isValid: false, location: baseLocation.key() };
-            }
-        }
-        return { isValid: true };
+        return keys
+            .map((requiredKey) => !value.includes(requiredKey) && {
+            message: `${requiredKey} is required`,
+            location: baseLocation.key(),
+        })
+            .filter(utils_1.isTruthy);
     },
     disallowed: (value, condition, baseLocation) => {
         if (typeof value === 'undefined')
-            return { isValid: true }; // property doesn't exist, no need to lint it with this assert
+            return []; // property doesn't exist, no need to lint it with this assert
         const values = utils_1.isString(value) ? [value] : value;
-        for (const _val of values) {
-            if (condition.includes(_val)) {
-                return {
-                    isValid: false,
-                    location: utils_1.isString(value) ? baseLocation : baseLocation.child(_val).key(),
-                };
-            }
-        }
-        return { isValid: true };
+        return values
+            .map((_val) => condition.includes(_val) && {
+            message: `"${_val}" is disallowed`,
+            location: utils_1.isString(value) ? baseLocation : baseLocation.child(_val).key(),
+        })
+            .filter(utils_1.isTruthy);
     },
     undefined: (value, condition = true, baseLocation) => {
         const isUndefined = typeof value === 'undefined';
-        return { isValid: condition ? isUndefined : !isUndefined, location: baseLocation };
+        const isValid = condition ? isUndefined : !isUndefined;
+        return isValid
+            ? []
+            : [
+                {
+                    message: condition ? `Should not be defined` : 'Should be defined',
+                    location: baseLocation,
+                },
+            ];
     },
     nonEmpty: (value, condition = true, baseLocation) => {
         const isEmpty = typeof value === 'undefined' || value === null || value === '';
-        return { isValid: condition ? !isEmpty : isEmpty, location: baseLocation };
+        const isValid = condition ? !isEmpty : isEmpty;
+        return isValid
+            ? []
+            : [
+                {
+                    message: condition ? `Should not be empty` : 'Should be empty',
+                    location: baseLocation,
+                },
+            ];
     },
     minLength: (value, condition, baseLocation) => {
-        if (typeof value === 'undefined')
-            return { isValid: true }; // property doesn't exist, no need to lint it with this assert
-        return { isValid: value.length >= condition, location: baseLocation };
+        if (typeof value === 'undefined' || value.length >= condition)
+            return []; // property doesn't exist, no need to lint it with this assert
+        return [{ message: `Should have at least ${condition} characters`, location: baseLocation }];
     },
     maxLength: (value, condition, baseLocation) => {
-        if (typeof value === 'undefined')
-            return { isValid: true }; // property doesn't exist, no need to lint it with this assert
-        return { isValid: value.length <= condition, location: baseLocation };
+        if (typeof value === 'undefined' || value.length <= condition)
+            return []; // property doesn't exist, no need to lint it with this assert
+        return [{ message: `Should have at most ${condition} characters`, location: baseLocation }];
     },
     casing: (value, condition, baseLocation) => {
         if (typeof value === 'undefined')
-            return { isValid: true }; // property doesn't exist, no need to lint it with this assert
+            return []; // property doesn't exist, no need to lint it with this assert
         const values = utils_1.isString(value) ? [value] : value;
-        for (const _val of values) {
-            let matchCase = false;
-            switch (condition) {
-                case 'camelCase':
-                    matchCase = !!_val.match(/^[a-z][a-zA-Z0-9]+$/g);
-                    break;
-                case 'kebab-case':
-                    matchCase = !!_val.match(/^([a-z][a-z0-9]*)(-[a-z0-9]+)*$/g);
-                    break;
-                case 'snake_case':
-                    matchCase = !!_val.match(/^([a-z][a-z0-9]*)(_[a-z0-9]+)*$/g);
-                    break;
-                case 'PascalCase':
-                    matchCase = !!_val.match(/^[A-Z][a-zA-Z0-9]+$/g);
-                    break;
-                case 'MACRO_CASE':
-                    matchCase = !!_val.match(/^([A-Z][A-Z0-9]*)(_[A-Z0-9]+)*$/g);
-                    break;
-                case 'COBOL-CASE':
-                    matchCase = !!_val.match(/^([A-Z][A-Z0-9]*)(-[A-Z0-9]+)*$/g);
-                    break;
-                case 'flatcase':
-                    matchCase = !!_val.match(/^[a-z][a-z0-9]+$/g);
-                    break;
-            }
-            if (!matchCase) {
-                return {
-                    isValid: false,
-                    location: utils_1.isString(value) ? baseLocation : baseLocation.child(_val).key(),
-                };
-            }
-        }
-        return { isValid: true };
+        const casingRegexes = {
+            camelCase: /^[a-z][a-zA-Z0-9]+$/g,
+            'kebab-case': /^([a-z][a-z0-9]*)(-[a-z0-9]+)*$/g,
+            snake_case: /^([a-z][a-z0-9]*)(_[a-z0-9]+)*$/g,
+            PascalCase: /^[A-Z][a-zA-Z0-9]+$/g,
+            MACRO_CASE: /^([A-Z][A-Z0-9]*)(_[A-Z0-9]+)*$/g,
+            'COBOL-CASE': /^([A-Z][A-Z0-9]*)(-[A-Z0-9]+)*$/g,
+            flatcase: /^[a-z][a-z0-9]+$/g,
+        };
+        return values
+            .map((_val) => !_val.match(casingRegexes[condition]) && {
+            message: `"${_val}" should use ${condition}`,
+            location: utils_1.isString(value) ? baseLocation : baseLocation.child(_val).key(),
+        })
+            .filter(utils_1.isTruthy);
     },
     sortOrder: (value, condition, baseLocation) => {
-        if (typeof value === 'undefined')
-            return { isValid: true };
-        return { isValid: utils_2.isOrdered(value, condition), location: baseLocation };
+        if (typeof value === 'undefined' || utils_2.isOrdered(value, condition))
+            return [];
+        const direction = condition.direction || condition;
+        const property = condition.property;
+        return [
+            {
+                message: `Should be sorted in ${direction === 'asc' ? 'an ascending' : 'a descending'} order${property ? ` by property ${property}` : ''}`,
+                location: baseLocation,
+            },
+        ];
     },
     mutuallyExclusive: (value, condition, baseLocation) => {
-        return { isValid: utils_2.getIntersectionLength(value, condition) < 2, location: baseLocation.key() };
+        if (utils_2.getIntersectionLength(value, condition) < 2)
+            return [];
+        return [
+            {
+                message: `${condition.join(', ')} keys should be mutually exclusive`,
+                location: baseLocation.key(),
+            },
+        ];
     },
     mutuallyRequired: (value, condition, baseLocation) => {
-        return {
-            isValid: utils_2.getIntersectionLength(value, condition) > 0
-                ? utils_2.getIntersectionLength(value, condition) === condition.length
-                : true,
-            location: baseLocation.key(),
-        };
+        const isValid = utils_2.getIntersectionLength(value, condition) > 0
+            ? utils_2.getIntersectionLength(value, condition) === condition.length
+            : true;
+        return isValid
+            ? []
+            : [
+                {
+                    message: `Properties ${condition.join(', ')} are mutually required`,
+                    location: baseLocation.key(),
+                },
+            ];
     },
     requireAny: (value, condition, baseLocation) => {
-        return { isValid: utils_2.getIntersectionLength(value, condition) >= 1, location: baseLocation.key() };
+        return utils_2.getIntersectionLength(value, condition) >= 1
+            ? []
+            : [
+                {
+                    message: `Should have any of ${condition.join(', ')}`,
+                    location: baseLocation.key(),
+                },
+            ];
     },
     ref: (_value, condition, baseLocation, rawValue) => {
         if (typeof rawValue === 'undefined')
-            return { isValid: true }; // property doesn't exist, no need to lint it with this assert
+            return []; // property doesn't exist, no need to lint it with this assert
         const hasRef = rawValue.hasOwnProperty('$ref');
         if (typeof condition === 'boolean') {
-            return {
-                isValid: condition ? hasRef : !hasRef,
-                location: hasRef ? baseLocation : baseLocation.key(),
-            };
+            const isValid = condition ? hasRef : !hasRef;
+            return isValid
+                ? []
+                : [
+                    {
+                        message: condition ? `should use $ref` : 'should not use $ref',
+                        location: hasRef ? baseLocation : baseLocation.key(),
+                    },
+                ];
         }
         const regex = utils_2.regexFromString(condition);
-        return {
-            isValid: hasRef && (regex === null || regex === void 0 ? void 0 : regex.test(rawValue['$ref'])),
-            location: hasRef ? baseLocation : baseLocation.key(),
-        };
+        const isValid = hasRef && (regex === null || regex === void 0 ? void 0 : regex.test(rawValue['$ref']));
+        return isValid
+            ? []
+            : [
+                {
+                    message: `$ref value should match ${condition}`,
+                    location: hasRef ? baseLocation : baseLocation.key(),
+                },
+            ];
     },
 };
+function buildAssertCustomFunction(fn) {
+    return (value, options, baseLocation) => fn.call(null, value, options, baseLocation);
+}
+exports.buildAssertCustomFunction = buildAssertCustomFunction;

package/lib/rules/common/assertions/index.js

@@ -7,7 +7,7 @@ const Assertions = (opts) => {
     const visitors = [];
     // As 'Assertions' has an array of asserts,
     // that array spreads into an 'opts' object on init rules phase here
-    // https://github.com/Redocly/redocly-cli/blob/master/packages/core/src/config/config.ts#L311
+    // https://github.com/Redocly/redocly-cli/blob/main/packages/core/src/config/config.ts#L311
     // that is why we need to iterate through 'opts' values;
     // before - filter only object 'opts' values
     const assertions = Object.values(opts).filter((opt) => typeof opt === 'object' && opt !== null);
@@ -23,12 +23,8 @@ const Assertions = (opts) => {
             .filter((assertName) => assertion[assertName] !== undefined)
             .map((assertName) => {
             return {
-                assertId,
                 name: assertName,
                 conditions: assertion[assertName],
-                message: assertion.message,
-                severity: assertion.severity || 'error',
-                suggest: assertion.suggest || [],
                 runsOnKeys: asserts_1.runOnKeysSet.has(assertName),
                 runsOnValues: asserts_1.runOnValuesSet.has(assertName),
             };
@@ -42,7 +38,7 @@ const Assertions = (opts) => {
             throw new Error(`${shouldRunOnKeys.name} can't be used on a single property. Please use 'property'.`);
         }
         for (const subject of subjects) {
-            const subjectVisitor = utils_1.buildSubjectVisitor(assertion.property, assertsToApply, assertion.context);
+            const subjectVisitor = utils_1.buildSubjectVisitor(assertId, assertion, assertsToApply);
             const visitorObject = utils_1.buildVisitorObject(subject, assertion.context, subjectVisitor);
             visitors.push(visitorObject);
         }

package/lib/rules/common/assertions/utils.d.ts

@@ -1,21 +1,27 @@
-import { ProblemSeverity, UserContext } from '../../../walk';
+import type { RuleSeverity } from '../../../config';
+import { UserContext } from '../../../walk';
 export declare type OrderDirection = 'asc' | 'desc';
 export declare type OrderOptions = {
     direction: OrderDirection;
     property: string;
 };
+declare type Assertion = {
+    property: string | string[];
+    context?: Record<string, any>[];
+    severity?: RuleSeverity;
+    suggest?: any[];
+    message?: string;
+    subject: string;
+};
 export declare type AssertToApply = {
     name: string;
-    assertId?: string;
     conditions: any;
-    message?: string;
-    severity?: ProblemSeverity;
-    suggest?: string[];
     runsOnKeys: boolean;
     runsOnValues: boolean;
 };
 export declare function buildVisitorObject(subject: string, context: Record<string, any>[], subjectVisitor: any): Record<string, any>;
-export declare function buildSubjectVisitor(properties: string | string[], asserts: AssertToApply[], context?: Record<string, any>[]): (node: any, { report, location, rawLocation, key, type, resolve, rawNode }: UserContext) => void;
+export declare function buildSubjectVisitor(assertId: string, assertion: Assertion, asserts: AssertToApply[]): (node: any, { report, location, rawLocation, key, type, resolve, rawNode }: UserContext) => void;
 export declare function getIntersectionLength(keys: string[], properties: string[]): number;
 export declare function isOrdered(value: any[], options: OrderOptions | OrderDirection): boolean;
 export declare function regexFromString(input: string): RegExp | null;
+export {};

package/lib/rules/common/assertions/utils.js

@@ -1,6 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.regexFromString = exports.isOrdered = exports.getIntersectionLength = exports.buildSubjectVisitor = exports.buildVisitorObject = void 0;
+const logger_1 = require("../../../logger");
 const ref_utils_1 = require("../../../ref-utils");
 const asserts_1 = require("./asserts");
 function buildVisitorObject(subject, context, subjectVisitor) {
@@ -44,14 +45,15 @@ function buildVisitorObject(subject, context, subjectVisitor) {
     return visitor;
 }
 exports.buildVisitorObject = buildVisitorObject;
-function buildSubjectVisitor(properties, asserts, context) {
+function buildSubjectVisitor(assertId, assertion, asserts) {
     return (node, { report, location, rawLocation, key, type, resolve, rawNode }) => {
         var _a;
+        let properties = assertion.property;
         // We need to check context's last node if it has the same type as subject node;
         // if yes - that means we didn't create context's last node visitor,
         // so we need to handle 'matchParentKeys' and 'excludeParentKeys' conditions here;
-        if (context) {
-            const lastContextNode = context[context.length - 1];
+        if (assertion.context) {
+            const lastContextNode = assertion.context[assertion.context.length - 1];
             if (lastContextNode.type === type.name) {
                 const matchParentKeys = lastContextNode.matchParentKeys;
                 const excludeParentKeys = lastContextNode.excludeParentKeys;
@@ -66,35 +68,55 @@ function buildSubjectVisitor(properties, asserts, context) {
         if (properties) {
             properties = Array.isArray(properties) ? properties : [properties];
         }
+        const defaultMessage = `${logger_1.colorize.blue(assertId)} failed because the ${logger_1.colorize.blue(assertion.subject)}${logger_1.colorize.blue(properties ? ` ${properties.join(', ')}` : '')} didn't meet the assertions: {{problems}}`;
+        const assertResults = [];
         for (const assert of asserts) {
             const currentLocation = assert.name === 'ref' ? rawLocation : location;
             if (properties) {
                 for (const property of properties) {
                     // we can have resolvable scalar so need to resolve value here.
                     const value = ref_utils_1.isRef(node[property]) ? (_a = resolve(node[property])) === null || _a === void 0 ? void 0 : _a.node : node[property];
-                    runAssertion({
+                    assertResults.push(runAssertion({
                         values: value,
                         rawValues: rawNode[property],
                         assert,
                         location: currentLocation.child(property),
-                        report,
-                    });
+                    }));
                 }
             }
             else {
                 const value = assert.name === 'ref' ? rawNode : Object.keys(node);
-                runAssertion({
+                assertResults.push(runAssertion({
                     values: Object.keys(node),
                     rawValues: value,
                     assert,
                     location: currentLocation,
-                    report,
-                });
+                }));
             }
         }
+        const problems = assertResults.flat();
+        if (problems.length) {
+            const message = assertion.message || defaultMessage;
+            report({
+                message: message.replace('{{problems}}', getProblemsMessage(problems)),
+                location: getProblemsLocation(problems) || location,
+                forceSeverity: assertion.severity || 'error',
+                suggest: assertion.suggest || [],
+                ruleId: assertId,
+            });
+        }
     };
 }
 exports.buildSubjectVisitor = buildSubjectVisitor;
+function getProblemsLocation(problems) {
+    return problems.length ? problems[0].location : undefined;
+}
+function getProblemsMessage(problems) {
+    var _a;
+    return problems.length === 1
+        ? (_a = problems[0].message) !== null && _a !== void 0 ? _a : ''
+        : problems.map((problem) => { var _a; return `\n- ${(_a = problem.message) !== null && _a !== void 0 ? _a : ''}`; }).join('');
+}
 function getIntersectionLength(keys, properties) {
     const props = new Set(properties);
     let count = 0;
@@ -127,17 +149,8 @@ function isOrdered(value, options) {
     return true;
 }
 exports.isOrdered = isOrdered;
-function runAssertion({ values, rawValues, assert, location, report }) {
-    const lintResult = asserts_1.asserts[assert.name](values, assert.conditions, location, rawValues);
-    if (!lintResult.isValid) {
-        report({
-            message: assert.message || `The ${assert.assertId} doesn't meet required conditions`,
-            location: lintResult.location || location,
-            forceSeverity: assert.severity,
-            suggest: assert.suggest,
-            ruleId: assert.assertId,
-        });
-    }
+function runAssertion({ values, rawValues, assert, location }) {
+    return asserts_1.asserts[assert.name](values, assert.conditions, location, rawValues);
 }
 function regexFromString(input) {
     const matches = input.match(/^\/(.*)\/(.*)|(.*)/);

package/lib/rules/common/no-ambiguous-paths.js

@@ -3,7 +3,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.NoAmbiguousPaths = void 0;
 const NoAmbiguousPaths = () => {
     return {
-        PathsMap(pathMap, { report, location }) {
+        Paths(pathMap, { report, location }) {
             const seenPaths = [];
             for (const currentPath of Object.keys(pathMap)) {
                 const ambiguousPath = seenPaths.find((seenPath) => arePathsAmbiguous(seenPath, currentPath));

package/lib/rules/common/no-identical-paths.js

@@ -3,11 +3,11 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.NoIdenticalPaths = void 0;
 const NoIdenticalPaths = () => {
     return {
-        PathsMap(pathMap, { report, location }) {
-            const pathsMap = new Map();
+        Paths(pathMap, { report, location }) {
+            const Paths = new Map();
             for (const pathName of Object.keys(pathMap)) {
                 const id = pathName.replace(/{.+?}/g, '{VARIABLE}');
-                const existingSamePath = pathsMap.get(id);
+                const existingSamePath = Paths.get(id);
                 if (existingSamePath) {
                     report({
                         message: `The path already exists which differs only by path parameter name(s): \`${existingSamePath}\` and \`${pathName}\`.`,
@@ -15,7 +15,7 @@ const NoIdenticalPaths = () => {
                     });
                 }
                 else {
-                    pathsMap.set(id, pathName);
+                    Paths.set(id, pathName);
                 }
             }
         },

package/lib/rules/common/operation-2xx-response.js

@@ -3,8 +3,8 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.Operation2xxResponse = void 0;
 const Operation2xxResponse = () => {
     return {
-        ResponsesMap(responses, { report }) {
-            const codes = Object.keys(responses);
+        Responses(responses, { report }) {
+            const codes = Object.keys(responses || {});
             if (!codes.some((code) => code === 'default' || /2[Xx0-9]{2}/.test(code))) {
                 report({
                     message: 'Operation must have at least one `2XX` response.',

package/lib/rules/common/operation-4xx-response.js

@@ -3,8 +3,8 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.Operation4xxResponse = void 0;
 const Operation4xxResponse = () => {
     return {
-        ResponsesMap(responses, { report }) {
-            const codes = Object.keys(responses);
+        Responses(responses, { report }) {
+            const codes = Object.keys(responses || {});
             if (!codes.some((code) => /4[Xx0-9]{2}/.test(code))) {
                 report({
                     message: 'Operation must have at least one `4XX` response.',

package/lib/rules/common/path-not-include-query.js

@@ -3,7 +3,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.PathNotIncludeQuery = void 0;
 const PathNotIncludeQuery = () => {
     return {
-        PathsMap: {
+        Paths: {
             PathItem(_operation, { report, key }) {
                 if (key.toString().includes('?')) {
                     report({

package/lib/rules/common/path-params-defined.js

@@ -6,6 +6,7 @@ const PathParamsDefined = () => {
     let pathTemplateParams;
     let definedPathParams;
     let currentPath;
+    let definedOperationParams;
     return {
         PathItem: {
             enter(_, { key }) {
@@ -25,9 +26,13 @@ const PathParamsDefined = () => {
                 }
             },
             Operation: {
+                enter() {
+                    definedOperationParams = new Set();
+                },
                 leave(_op, { report, location }) {
                     for (const templateParam of Array.from(pathTemplateParams.keys())) {
-                        if (!definedPathParams.has(templateParam)) {
+                        if (!definedOperationParams.has(templateParam) &&
+                            !definedPathParams.has(templateParam)) {
                             report({
                                 message: `The operation does not define the path parameter \`{${templateParam}}\` expected by path \`${currentPath}\`.`,
                                 location: location.child(['parameters']).key(), // report on operation
@@ -37,7 +42,7 @@ const PathParamsDefined = () => {
                 },
                 Parameter(parameter, { report, location }) {
                     if (parameter.in === 'path' && parameter.name) {
-                        definedPathParams.add(parameter.name);
+                        definedOperationParams.add(parameter.name);
                         if (!pathTemplateParams.has(parameter.name)) {
                             report({
                                 message: `Path parameter \`${parameter.name}\` is not used in the path \`${currentPath}\`.`,

package/lib/rules/common/response-contains-header.js

@@ -8,13 +8,13 @@ const ResponseContainsHeader = (options) => {
         Operation: {
             Response: {
                 enter: (response, { report, location, key }) => {
-                    var _a;
                     const expectedHeaders = names[key] ||
                         names[utils_1.getMatchingStatusCodeRange(key)] ||
                         names[utils_1.getMatchingStatusCodeRange(key).toLowerCase()] ||
                         [];
                     for (const expectedHeader of expectedHeaders) {
-                        if (!((_a = response.headers) === null || _a === void 0 ? void 0 : _a[expectedHeader])) {
+                        if (!(response === null || response === void 0 ? void 0 : response.headers) ||
+                            !Object.keys(response === null || response === void 0 ? void 0 : response.headers).some((header) => header.toLowerCase() === expectedHeader.toLowerCase())) {
                             report({
                                 message: `Response object must contain a "${expectedHeader}" header.`,
                                 location: location.child('headers').key(),

package/lib/rules/common/security-defined.js

@@ -3,9 +3,10 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.SecurityDefined = void 0;
 const SecurityDefined = () => {
     const referencedSchemes = new Map();
+    const operationsWithoutSecurity = [];
     let eachOperationHasSecurity = true;
     return {
-        DefinitionRoot: {
+        Root: {
             leave(root, { report }) {
                 for (const [name, scheme] of referencedSchemes.entries()) {
                     if (scheme.defined)
@@ -21,9 +22,12 @@ const SecurityDefined = () => {
                     return;
                 }
                 else {
-                    report({
-                        message: `Every API should have security defined on the root level or for each operation.`,
-                    });
+                    for (const operationLocation of operationsWithoutSecurity) {
+                        report({
+                            message: `Every operation should have security defined on it or on the root level.`,
+                            location: operationLocation.key(),
+                        });
+                    }
                 }
             },
         },
@@ -42,9 +46,10 @@ const SecurityDefined = () => {
                 }
             }
         },
-        Operation(operation) {
+        Operation(operation, { location }) {
             if (!(operation === null || operation === void 0 ? void 0 : operation.security)) {
                 eachOperationHasSecurity = false;
+                operationsWithoutSecurity.push(location);
             }
         },
     };